Re: Secdir Review of draft-ietf-netconf-rfc5539bis-09

ietf

Re: Secdir Review of draft-ietf-netconf-rfc5539bis-09

2015-03-10 10:28:47

"t" == t p <daedulus(_at_)btconnect(_dot_)com> writes:



Well, I think you still need to answer questions like

* Is it a fingerprint of the cert or the key?

* Is the server expected to re-normalize the DER?    Allowed to
  re-normalize the DER?

So that the input to the hash is well specified.
Several protocols within the IETF have taken on the challenge of
describing how to fingerprint certificates.  I think the document would
be improved by picking one of these strategies.

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Secdir Review of draft-ietf-netconf-rfc5539bis-09, Sam Hartman Re: Secdir Review of draft-ietf-netconf-rfc5539bis-09, t.p. Re: Secdir Review of draft-ietf-netconf-rfc5539bis-09, Sam Hartman <= Re: Secdir Review of draft-ietf-netconf-rfc5539bis-09, t.p. Re: Secdir Review of draft-ietf-netconf-rfc5539bis-09, Juergen Schoenwaelder Re: Secdir Review of draft-ietf-netconf-rfc5539bis-09, Viktor Dukhovni RE: Secdir Review of draft-ietf-netconf-rfc5539bis-09, Ersue, Mehmet (Nokia - DE/Munich) Re: Secdir Review of draft-ietf-netconf-rfc5539bis-09, Juergen Schoenwaelder

Previous by Date:	Re: Unhelpful draft names, David Borman
Next by Date:	Re: Last Call: <draft-farrresnickel-harassment-05.txt> (IETF Anti-Harassment Procedures) to Best Current Practice, Sam Hartman
Previous by Thread:	Re: Secdir Review of draft-ietf-netconf-rfc5539bis-09, t.p.
Next by Thread:	Re: Secdir Review of draft-ietf-netconf-rfc5539bis-09, t.p.
Indexes:	[Date] [Thread] [Top] [All Lists]